US2019356652A1PendingUtilityA1

Secure Interoperable Set Top Box Through Reverse OTP

27
Assignee: CENTRE FOR DEV OF TELEMATICSPriority: May 15, 2018Filed: May 15, 2018Published: Nov 21, 2019
Est. expiryMay 15, 2038(~11.8 yrs left)· nominal 20-yr term from priority
H04N 21/25816H04N 21/4182H04N 21/63775H04N 21/63345H04L 63/0428H04L 63/0823H04L 63/0838H04N 21/41265
27
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

Disclosed is a set top box (STB) configured to work with a smart card (SC) wherein the STB is authenticated by an operator who provides the smart card to a user using a One Time Password (OTP). The OTP is generated by the SC and sent via the STB to the operator through a user mobile device operatively coupled with the STB. The operator verifies the sender based upon registered mobile number of the sender, decrypts the received OTP and uses the decrypted OTP to transmit STB specific control messages to the STB and facilitate registration of the SC. Thereafter the STB can receive and decrypt channel data being transmitted by the operator. The SC, STB and the user mobile device have secure communication amongst each other after authentication of each other. Data sent between the user mobile device and the operator is encrypted.

Claims

exact text as granted — not AI-modified
We claim: 
     
         1 . A set top box (STB) configured to receive an unregistered smart card (SC) that is issued by an operator, said STB being further configured to:
 enable said unregistered SC to generate and encrypt a one-time-password (OTP); and   transmit said encrypted OTP to the operator through a user mobile device that is operatively coupled with said STB, wherein said operator decrypts said received OTP, and uses said decrypted OTP so as to transmit STB specific control messages to said STB and facilitate registration of said SC.   
     
     
         2 . The STB as claimed in  claim 1 , wherein said SC is configured to store any or a combination of a unique SC ID, user key, SC certificate, and a public key part of public-private key pair, and wherein said SC encrypts said OTP using said user key. 
     
     
         3 . The STB as claimed in  claim 1 , wherein said STB is bought from a manufacturer that is different from said operator, said STB being associated with a unique STB ID. 
     
     
         4 . The STB as claimed in  claim 1 , wherein said user mobile device is configured with an application provided by the operator, said application being coupled with registered mobile number of said user mobile device. 
     
     
         5 . The STB as claimed in  claim 4 , wherein said application generates a key pair and receives a certificate issued for said key pair from said operator, using which, a session is initiated between said operator and said application configured in said user mobile device. 
     
     
         6 . The STB as claimed in  claim 4 , wherein said operator verifies subscriber corresponding to said user mobile device based on said registered mobile number. 
     
     
         7 . The STB as claimed in  claim 1 , wherein upon receipt of said SC in said STB, said SC and said STB authenticate each other so as to establish a secure communication channel between them using a shared session key. 
     
     
         8 . The STB as claimed in  claim 1 , wherein a second secure communication channel is established between said user mobile device and said STB using a second shared session key. 
     
     
         9 . The STB as claimed in  claim 1 , wherein, at the operator, the decrypted OTP is processed along with a user key assigned to subscriber of said SC so as to generate a temporary Key (TK), which is also generated by the SC configured in the STB. 
     
     
         10 . The STB as claimed in  claim 9 , wherein said operator is configured to generate a random periodic key (PK) that is used to encrypt subscriber-specific data after said SC is registered, wherein said PK is encrypted with TK and subsequently with public key of a public-private key pair of said STB, such that upon receipt of said encrypted information, the STB decrypts said encrypted information with its private key of the key pair, post which said SC decrypts the encrypted information with its TK so as to obtain PK, based on which said SC is registered. 
     
     
         11 . The STB as claimed in  claim 1 , wherein said STB and said SC generate separate random pairing-ids and share them with each other for future confirmation of whether they are paired with each other. 
     
     
         12 . A smart card (SC) issued by an operator and configured to be received in a set top box (STB), wherein said SC is initially unregistered and, as part of its registration process:
 generates and encrypts a one-time-password (OTP); and   using said STB, transmits said encrypted OTP to the operator through a user mobile device that is operatively coupled with said STB, wherein said operator decrypts said received OTP, and uses said decrypted OTP so as to transmit STB specific control messages to said STB and facilitate registration of said SC.   
     
     
         13 . The SC as claimed in  claim 12 , wherein said SC is configured to store any or a combination of a unique SC ID, user key, SC certificate, and a public key part of public-private key pair, and wherein said SC encrypts said OTP using said user key. 
     
     
         14 . The SC as claimed in  claim 12 , wherein upon receipt of said SC in said STB, said SC and said STB authenticate each other so as to establish a secure communication channel between them using a shared session key. 
     
     
         15 . The SC as claimed in  claim 12 , wherein, at the operator, the decrypted OTP is processed along with a user key assigned to subscriber of said SC so as to generate a temporary key (TK), which is also generated by the SC configured in the STB. 
     
     
         16 . The SC as claimed in  claim 14 , wherein said operator is configured to generate a random periodic key (PK) that is used to encrypt subscriber-specific data after said SC is registered, wherein said PK is encrypted with TK and subsequently with public key of a public-private key pair of said STB, such that upon receipt of said encrypted information, the STB decrypts said encrypted information with its private key of the key pair, post which said SC decrypts the encrypted information with its TK so as to obtain PK, based on which said SC is registered. 
     
     
         17 . The SC as claimed in  claim 12 , wherein said STB and said SC generate separate random pairing-ids and share them with each other for future confirmation of whether they are paired with each other. 
     
     
         18 . A method of registering a smart card (SC) with a set top box (STB) configured to receive the SC, said method comprising the steps of:
 enabling, at said SC, generation and encryption of a one-time-password (OTP); and   transmitting, from said STB, to said operator, said encrypted OTP through a user mobile device that is operatively coupled with said STB, wherein said operator decrypts said received OTP, and uses said decrypted OTP so as to transmit STB specific control messages to said STB and facilitate registration of said SC.   
     
     
         19 . The method as claimed in  claim 17 , said method further comprising the steps of:
 processing, at the operator, the decrypted OTP along with a user key assigned to subscriber of said SC so as to generate a temporary key (TK);   generating, at the SC, said TK using said user key and said OTP;   generating, at the operator, a random periodic key (PK) that is used to encrypt subscriber-specific data after said SC is registered, wherein said PK is subsequently encrypted with TK and subsequently with public key of a public-private key pair of said STB to generate aggregate encrypted information;   transmitting, from the operator, to the STB, said aggregate encrypted information;   upon receipt of said aggregate encrypted information, decrypting, at the STB, said encrypted information with its private key of the key pair; and   decrypting, at the SC, the remaining encrypted information with its TK so as to obtain PK, based on which said SC is registered.   
     
     
         20 . The method as claimed in  claim 17 , further comprising the step of generating separate random pairing-ids at said STB and said SC and share them with each other for future confirmation of whether they are paired with each other. 
     
     
         21 . The method as claimed in  claim 17 , further comprising the step of, upon receipt of said SC in said STB, enabling said SC and said STB to authenticate each other so as to establish a secure communication channel between them using a shared session key.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.